Britain's critical infrastructure is under siege by hostile states, which are responsible for approximately three-quarters of all attacks. The National Cyber Security Centre's CEO, Richard Horne, emphasizes that these nation-state adversaries are gathering intelligence and establishing a presence within critical systems, setting the stage for potential future conflicts. This prepositioning allows them to disrupt or destroy infrastructure at a moment's notice, using intelligence gathered today to inform kinetic targeting tomorrow1. The threat landscape has shifted, with state-aligned activity now a dominant concern, requiring a distinct approach that accounts for geopolitical motivations. This new reality demands a revised threat model, one that acknowledges the involvement of hostile states and their strategic objectives. So what this means for cybersecurity practitioners is that they must be prepared to defend against sophisticated, state-sponsored attacks that prioritize strategic gain over financial motives.